Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/naYr1QHJvwX-oQtuj2eGvDPFvYM.roa
File:                     naYr1QHJvwX-oQtuj2eGvDPFvYM.roa (raw, json)
Hash identifier:          6QrnQDP6HbujQycl6u7W4eVnu06DaKVUgR6BY7Wh+40=
Subject key identifier:   9D:A6:2B:D5:01:C9:BF:05:FE:A1:0B:6E:8F:67:86:BC:33:C5:BD:83
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018B7F9CAC8B61D955EF8D63225EEF57E129
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/naYr1QHJvwX-oQtuj2eGvDPFvYM.roa
Signing time:             Mon 30 Oct 2023 08:04:16 +0000
ROA not before:           Mon 30 Oct 2023 08:04:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216155
IP address blocks:        89.213.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:7f:9c:ac:8b:61:d9:55:ef:8d:63:22:5e:ef:57:e1:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 30 08:04:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9da62bd501c9bf05fea10b6e8f6786bc33c5bd83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:cf:e3:b3:95:25:5a:b8:97:fa:31:5e:db:94:
                    75:09:c2:ff:a9:0e:8a:38:9d:9d:5c:49:6f:2b:a8:
                    15:ad:23:fe:b5:b5:f7:72:95:75:cd:c7:06:a2:d2:
                    48:c6:16:ad:f2:1c:3e:66:fd:28:73:48:c9:e4:9c:
                    c2:d9:f8:58:1b:d4:d5:49:03:39:dc:fd:10:84:0b:
                    e9:a4:16:21:a5:2c:59:3d:1a:69:8a:94:b3:cb:a3:
                    dc:3b:97:8d:04:2a:80:6b:e8:50:0f:d0:44:ab:da:
                    b7:18:26:56:d1:d3:6e:dd:4d:96:bc:55:1e:48:53:
                    3e:d8:3d:07:e5:0b:59:b9:f2:63:c1:d4:c2:d8:f3:
                    68:f5:42:79:9f:5d:33:c6:be:44:d2:33:b4:38:c4:
                    b3:79:d7:af:dc:7b:39:ae:08:a4:58:e4:10:a0:66:
                    14:ec:74:5d:0a:3c:73:6e:75:0a:a2:f4:89:8a:30:
                    b3:ca:29:91:de:7f:35:b1:af:0d:28:f8:ef:f7:eb:
                    45:50:98:33:53:ed:0b:d2:9c:b5:fa:cc:a1:8e:19:
                    34:b8:34:43:3d:44:ea:23:ba:e2:9a:03:52:2a:7f:
                    8d:4d:18:f2:a7:ea:0d:7d:72:38:ef:27:d4:6a:9b:
                    73:a4:15:bb:9d:c7:97:b3:b1:0e:34:13:7d:b5:77:
                    a2:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:A6:2B:D5:01:C9:BF:05:FE:A1:0B:6E:8F:67:86:BC:33:C5:BD:83
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/naYr1QHJvwX-oQtuj2eGvDPFvYM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:fd:ea:fd:ab:b5:2c:c8:33:37:b5:45:1d:30:73:40:ee:21:
         7f:11:66:5f:d7:7f:7a:28:1d:f9:e0:f2:c3:72:bd:96:18:c2:
         76:81:91:a4:f0:4f:d3:f9:97:b6:d6:ec:f0:73:6d:4f:bb:ff:
         3e:3d:87:20:ce:12:29:8e:e0:49:06:55:8c:af:cd:53:1e:b7:
         0a:73:43:7f:5b:8f:0c:94:77:e9:fb:5f:d0:f7:e6:e2:76:ac:
         8f:23:62:7f:26:82:48:b7:bd:53:41:50:f8:84:fc:5b:0f:1c:
         36:e6:1d:31:dd:de:8d:6e:43:7e:a4:1a:bf:50:82:12:77:69:
         50:1e:02:f7:02:4c:a6:07:22:62:2b:c1:7d:53:f3:95:ee:ec:
         d0:ed:07:75:b9:f6:d6:76:ed:de:fb:0b:f5:31:ad:dd:44:a8:
         b7:b2:f1:89:1c:39:79:00:e5:42:05:80:01:38:27:e4:97:16:
         d8:d4:8a:c6:66:bf:43:7c:87:4e:dc:16:eb:9a:f7:1b:ea:90:
         78:e7:c6:9c:88:be:7f:a2:56:a3:0f:d0:19:52:85:26:aa:34:
         75:49:df:60:98:1f:09:8d:a6:33:97:0b:97:55:00:56:e3:d1:
         b8:4a:7f:12:26:f6:7c:f2:01:ad:2b:d2:47:2c:82:51:83:b7:
         9c:74:aa:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt/nKyLYdlV741jIl7vV+EpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDMwMDgwNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE2MmJkNTAxYzliZjA1ZmVhMTBiNmU4ZjY3ODZiYzMzYzViZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM/js5UlWriX+jFe25R1CcL/qQ6K
OJ2dXElvK6gVrSP+tbX3cpV1zccGotJIxhat8hw+Zv0oc0jJ5JzC2fhYG9TVSQM5
3P0QhAvppBYhpSxZPRppipSzy6PcO5eNBCqAa+hQD9BEq9q3GCZW0dNu3U2WvFUe
SFM+2D0H5QtZufJjwdTC2PNo9UJ5n10zxr5E0jO0OMSzedev3Hs5rgikWOQQoGYU
7HRdCjxzbnUKovSJijCzyimR3n81sa8NKPjv9+tFUJgzU+0L0py1+syhjhk0uDRD
PUTqI7rimgNSKn+NTRjyp+oNfXI47yfUaptzpBW7nceXs7EONBN9tXeiXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2mK9UByb8F/qELbo9nhrwzxb2DMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbmFZcjFRSEp2d1gtb1F0dWoyZUd2RFBGdllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWVMA0G
CSqGSIb3DQEBCwUAA4IBAQAe/er9q7UsyDM3tUUdMHNA7iF/EWZf1396KB354PLD
cr2WGMJ2gZGk8E/T+Ze21uzwc21Pu/8+PYcgzhIpjuBJBlWMr81THrcKc0N/W48M
lHfp+1/Q9+bidqyPI2J/JoJIt71TQVD4hPxbDxw25h0x3d6NbkN+pBq/UIISd2lQ
HgL3AkymByJiK8F9U/OV7uzQ7Qd1ufbWdu3e+wv1Ma3dRKi3svGJHDl5AOVCBYAB
OCfklxbY1IrGZr9DfIdO3Bbrmvcb6pB458aciL5/olajD9AZUoUmqjR1Sd9gmB8J
jaYzlwuXVQBW49G4Sn8SJvZ88gGtK9JHLIJRg7ecdKqC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org